Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Junos OS Evolved Release Notes for QFX5130-32CD and QFX5220 Devices

 

These release notes accompany Junos OS Evolved Release 20.4R3 for QFX5130-32CD, QFX5220-32CD and QFX5220-128C Switches. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

What's New

Learn about new features introduced in these releases for QFX Series switches.

What's Changed in Junos OS Evolved Release 20.4R3

General Routing

  • CLI commit error resolved (PTX Series and QFX Series)—CLI commit error for configuration statement no-filter-check for family any port mirroring is now resolved.

    [See no-filter-check.]

What’s New in Junos OS Evolved 20.4R2

There are no new features or enhancements to existing features in Junos OS Release 20.4R2 QFX Series switches.

What’s New in Junos OS Evolved 20.4R1

Hardware

  • Support for optical interfaces and transceivers (QFX5130-32CD)—Starting in Junos OS Evolved Release 20.4R1, optical interfaces and transceivers are supported on the QFX5130-32CD switches.

    [See the Hardware Compatibility Tool (HCT) for details.]

Juniper Extension Toolkit

  • Support for Juniper Extension Toolkit (JET) infrastructure service APIs (PTX10001-36MR, PTX10003, PTX10004, PTX10008, QFX5130-32CD, and QFX5220)—Starting in Junos OS Evolved Release 20.4R1, JET supports infrastructure service APIs that extract state data from the operating system and distribute it through the Data Distribution Service (DDS) publish-subscribe mechanism. The APIs support topic-level subscriptions that automatically subscribe to all individual types associated with that topic. Using JET, you can use the data collected by DDS to build custom applications and tools.

    The infrastructure service APIs are implemented by the infrastructure services process (iesd). The APIs can extract:

    • A list of subscription topics

    • A list of the objects associated with each topic

    • The schema and documentation for each object

    • Application-specific data

    [See JET APIs on Juniper EngNet.]

  • Support for Juniper Extension Toolkit (JET) versioning service APIs (PTX10001-36MR, PTX10003, PTX10004, PTX10008, QFX5130-32CD, and QFX5220)—Starting in Junos OS Evolved Release 20.4R1, JET supports the following service APIs that pull the versioning information from the IDL files of JET APIs. You can use this information for automation, such as to programmatically determine the compatibility of the deployed network elements and the remote procedure calls (RPCs).

    • JunosVersionRequest: Gets Junos OS Release number, gRPC version, and protobuf version.

    • ServiceListRequest: Lists all the services available on the device.

    • RpcListRequest: Gets all the RPCs of a given service.

    • ServiceVersionRequest: Gets the service version of a given RPC.

    [See JET APIs on Juniper EngNet.]

Junos Telemetry Interface

  • Packet Forwarding Engine sensor support with INITIAL_SYNC on JTI (QFX5130-32CD)—Starting in Junos OS Evolved Release 20.4R1, you can use Junos telemetry interface (JTI) and gRPC Network Management Interface (gNMI) services to export initial synchronized Packet Forwarding Engine statistics from devices to an outside collector. INITIAL_SYNC is enabled when an external collector sends a subscription request for a sensor with INITIAL_SYNC indicated by the updates_only flag set to false/default case. When the subscription request is received by the host, the host sends all supported target leaves (fields) under that resource path at least once to the collector with the current value, even zero values.

    INITIAL_SYNC submode is supported for the following sensors:

    • Sensor for CPU (ukernel) memory (resource path /junos/system/linecard/cpu/memory/)

    • Sensor for firewall filter statistics (resource path /junos/system/linecard/firewall/)

    • Sensor for physical interface traffic (resource path /junos/system/linecard/interface/)

    • Sensor for logical interface traffic (resource path /junos/system/linecard/interface/logical/usage/)

    • Sensor for physical interface queue traffic (resource path /junos/system/linecard/interface/

      queue/
      )

    • Sensor for physical interface traffic except queue statistics (resource path /junos/system/linecard/interface/traffic/)

    • Sensor for NPU memory (resource path /junos/system/linecard/npu/memory/)

    • Sensor for NPU utilization (resource path /junos/system/linecard/npu/utilization/)

    • Sensor for packet statistics (resource path /junos/system/linecard/packet/usage/)

    • Sensor for software-polled queue-monitoring statistics (resource path /junos/system/linecard/qmon-sw/)

    [See Understanding OpenConfig and gRPC and gNMI on Junos Telemetry Interface and Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

MPLS

  • New output fields added in the show path-computation-client lsp extensive command (PTX Series and QFX Series)—Starting in Junos OS Evolved Release 20.4R1, you’ll see association details such as Association type, ID, and source in the output of the show path-computation-client lsp command when you use the command with the extensive option.

    [See show path-computation-client lsp.]

Multicast

  • Support for multicast forwarding (QFX5130-32CD)—Starting with Release 20.4R1, Junos OS Evolved supports the following multicast features for device as last-hop router (LHR):

    • IPv4 and IPv6 multicast

    • Internet Group Management Protocol (IGMP)

    • Multicast Listener Discovery (MLD)

    • Protocol Independent Multicast source-specific multicast (PIM SSM)

    • Protocol Independent Multicast sparse mode (PIM SM)

    Support does not extend to L3 multicast features beyond those listed above. That is, in this release, IGMP snooping, MLD snooping, MSDP, MVPN, PIM-Bidir, PIM MoFRR, PIM first-hop router (FHR), and rendezvous point (RP) are not supported.

    In addition, IRB interface is not supported as either a source or a receiver, and make-before-break (MBB) is not supported for existing L3 aggregated Ethernet (ae) receivers (member additions and deletions or ups and downs).

    [See Multicast Routing Protocols.]

  • IGMP snooping support (QFX5130-32CD)—Starting with Junos OS Evolved Release 20.4R1, you can configure IGMP snooping with IGMPv1, IGMPv2, and IGMPv3 in any-source multicast (ASM) and source-specific multicast (SSM) modes.

    These devices don’t support:

    • IGMP snooping in proxy mode, in EVPN-VXLAN or EVPN-MPLS networks, or with IRB interfaces.

    • IGMP querier at Layer 2.

    • Make-before-break (MBB) link redistribution for multicast receivers on existing Layer 2 aggregated Ethernet (ae) interfaces, including for member additions or deletions and link up or down events.

    Other limitations:

    • Devices receiving IGMP group-specific queries on multicast router interfaces forward those queries to all other interfaces in the VLAN.

    • Devices forward all unregistered IPv4 and IPv6 multicast packets to the multicast router interfaces in the VLAN even if you configured an interface as a multicast router interface only for IGMP snooping.

    [See IGMP Snooping Overview.]

Network Management and Monitoring

  • Junos XML protocol operations support loading and comparing configurations using the configuration revision identifier (PTX10003, PTX10008, and QFX5220)—Starting in Junos OS Evolved Release 20.4R1, the Junos XML management protocol operations support loading and comparing configurations by referencing the configuration revision identifier of a committed configuration. You can execute the <load-configuration> operation with the configuration-revision attribute to load the configuration with the given revision identifier into the candidate configuration. Additionally, you can compare the candidate or active configuration to a previously committed configuration by referencing the configuration revision identifier for the comparison configuration. The <get-configuration> operation supports the compare="configuration-revision" and configuration-revision attributes to perform the comparison.

    [See <get-configuration> and <load-configuration>.]

  • Configuration retrieval using the configuration revision identifier (PTX10003, PTX10008, and QFX5220)—Starting in Junos OS Evolved Release 20.4R1, you can use the configuration revision identifier feature to view the configuration for a specific revision. This feature creates a unique configuration database revision with every successful configuration commit operation. This configuration database revision can be viewed with the CLI command show system configuration revision.

    [See show system configuration revision.]

Routing Protocols

  • VRRP PFE support (QFX5130-32CD, QFX5220)—Starting in Junos OS Evolved Release 20.4R1, QFX5130-32CD and QFX5220 switches support VRRP. This VRRP implementation does not support delegation, ISSU, ProxyArp, VLAN dual-tagging, or MC-LAG interfaces.

    [See Understanding VRRP]

System Management

  • PTP enterprise profile (QFX5220-128C)—Starting in Junos OS Evolved Release 20.4R1, we support the Precision Time Protocol (PTP) enterprise profile, which is based on PTP version 2 (PTPv2). The PTP enterprise profile enables the enterprise and financial markets to add a timestamp to the operations of different systems and to handle a range of latencies and delays.

    The PTP enterprise profile supports the following options:

    • IPv4 multicast transport

    • Boundary and ordinary clocks

    • 512 downstream and 4 upstream client clocks.

    You can enable the PTP enterprise profile at the [edit protocols ptp profile-type] hierarchy level.

    [See Understanding the Precision Time Protocol Enterprise Profile.]

  • PTP media profiles (QFX5220-32CD and QFX5220-128C)—Starting in Junos OS Evolved Release 20.4R1, you can configure the following Precision Time Protocol (PTP) media profile types:

    • SMPTE profile

    • AES67 profile

    • A combination of SMPTE and AES67 profiles.

    The media profiles support the following options:

    • PTP ordinary clock applications

    • PTP boundary clock applications

    • PTP over IPv4 multicast transport.

    You can enable the PTP media profiles at the [edit protocols ptp profile-type] hierarchy level.

    [See Understanding the PTP Media Profiles.]

What's Changed

Learn about what changed in these releasesfor QFX Series switches.

What's Changed in Junos OS Evolved Release 20.4R3

Authentication, Authorization, and Accounting

  • Command to automate SSH key-based authentication (PTX Series and QFX Series)—You can set up SSH-key based authentication between the network device and a remote host by issuing the request security ssh password-less-authentication operational mode command. When you execute the command with the appropriate options, the device generates SSH keys for the current user, provided the user does not already have existing keys, and transfers the user's public key to the authorized_keys file of the specified user on the remote host.

    [See request security ssh password-less-authentication.]

EVPN

  • Community information no longer included in VRF routing table— The QFX series switches no longer include the inherited advertised route target communities, EVPN extended communities, or vxlan encapsulation communities for EVPN Type 2 and EVPN Type 5 routes when an IP host is added in the VRF routing table.

What’s Changed in Junos OS Evolved Release 20.4R2-S3

General Routing

  • Enhancement to the show interfaces (Aggregated Ethernet) command (PTX Series and QFX Series)—When you run the show interfaces extensive command for Aggregated Ethernet interfaces, you can now view following additional fields for MAC statistics : Receive, Transmit, Broadcast and Multicast packets.

    [See show chassis pic.]

Software Licensing

  • Juniper Agile Licensing (PTX10003, PTX10016, QFX5130-32CD, QFX5220—Starting from this release onwards, the Juniper Agile License Manager is deprecated. You can use the Juniper Agile Licensing Portal to activate, install, manage, and monitor licenses on Juniper Networks devices.

    [See Juniper Agile Licensing Guide.]

Network Management and Monitoring

  • The configuration accepts only defined identity values for nodes of type identityref in YANG data models (PTX Series and QFX Series)—If you configure a statement that has type identityref in the corresponding YANG data model, the device accepts only defined identity values (as defined by an identity statement) as valid input. In earlier releases, the device also accepts values that are not defined identity values.

What's Changed in Junos OS Evolved Release 20.4R2

General Routing

  • SSH session connection attempt limits and connection limits (PTX Series and QFX Series)—We have introduced SSH connection-limit and rate-limit options at the set system services ssh hierarchy levels to enable SSH connection limit and rate limit per connection. The default connection limit value is 75 connections and there is no default value associated with rate limit.

  • You can enter zero suppression no-zero-suppression at the edit services analytics hierarchy level to disable zero suppression for gRPC-based sensors. When this feature is enabled, data for a sensor is sent to the collector if the sensor value is zero. All key value pair updates will be streamed to a collector without performing any zero suppression. To enable zero suppression again (the default), delete the configuration by entering delete services analytics zero-suppression no-zero-suppression. Whenever this feature is set or deleted, any existing collector is disconnected.

Junos XML API and Scripting

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX commit scripts (PTX Series and QFX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX commit scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX event scripts (PTX Series and QFX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

Software Licensing

  • License key format (PTX10003-160C, PTX10003-80C, QFX5220-32CD, QFX5220-128C)—When you are upgrading from Junos OS Evolved Release 20.4R1 to Junos OS Evolved Release 20.4R2 or later releases, you need new license keys to use the features on the listed devices. Contact Customer Care to exchange license keys for Junos OS Evolved Release 20.4R2 or later.

What's Changed in Junos OS Evolved Release 20.4R1

EVPN

  • New output flag for the show bridge mac-ip table command—The Layer 2 address learning daemon does not send updated MAC and IP Address advertisements to the Routing Protocol daemon when an IRB interface is disabled in an EVPN-VXLAN network. Junos has added the NAD flag in the output of the show bridge mac-ip-table command to identify the disabled IRB entries where the MAC and IP address advertisement will not be sent.

    [See show bridge mac-ip-table.]

  • Updated XML output for show evpn p2mp—Starting with this release, when you pipe the output of the show evpn p2mp command to the display xml option, Junos OS now returns an XML output with a subtree structure for each neighbor. Prior to this release, the display XML returns an XML output with all the neighbors under one tree structure.

General Routing

  • Inet6 is disabled in VT interface (QFX5130-32CD and QFX5220)—Starting in this release, the inet6 statement at the [edit interfaces vt-interface-number unit unit-number family] hierarchy level is disabled.

  • SSH session connection limit and rate limit per connection (PTX Series and QFX Series)—We have introduced the connection-limit and rate-limit options at the set system services ssh hierarchy levels to enable SSH connection limit and rate limit per connection. The default connection limit value is 75 connections and there is no default value associated with rate limit.

High Availability (HA) and Resiliency

  • Install or activate the RIFT package to include the request rift package activate-as-top-of-fabric option—Install or activate the RIFT package to include the request rift package activate-as-top-of-fabric option. This option is same as the activate option but it adds additional configuration to act as a top-of-fabric node.

Layer 2 Features

  • New commit check for MC-LAG (QFX Series)—We've introduced a new commit check to check the values assigned to the redundancy group identification number on the MC-AE interface ( redundancy-group-id ) and ICCP peer (redundancy-group-id-list ) when you configure multichassis aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In previous releases, if the configured values were different, the l2ald process would crash.

    [See iccp and mc-ae.]

MPLS

  • The show mpls lsp extensivel and show mpls lsp detail commands display next hop gateway LSPid— When you use the show mpls lsp extensivel and show mpls lsp detail commands, you'll see next hop gateway LSPid in the output as well.

  • Disable back-off behavior on PSB2 (PTX Series and QFX Series)— We've introduced the cspf-backoff-time statement globally for MPLS and LSP to delay the CSPF by configured number of seconds, on receiving bandwidth unavailable PathErr on PSB2. If the configured value is zero, then the CSPF starts immediately for PSB2, when bandwidth-unavailable PathErr is received. If the statement is not configured, the default exponential back-off occurs.

    [See cspf-backoff-time..]

  • New TLV types and TLV type values in output field (PTX10001-36MR, PTX10003, PTX10004, PTX10008, QFX5130-32CD, and QFX5220)—We've introduced TLV SR policy identifier, TLV SR candidate path identifier, and TLV SR preference fields in the output for the show path-computation-client tlv-types command. These new output fields help you in easily fetching the TLV type values used by PCCD irrespective of whether the type values are experimental or standardized.

Multicast

  • Control plane DDoS protection packet type option for ARP traffic (PTX Series and QFX Series)—We've renamed the arp-snoop packet type option to arp in the [edit system ddos-protection protocols] arp protocol group. This packet type option enables you to change the default control plane distributed denial of service (DDoS) protection policer parameters for ARP traffic.

Network Management and Monitoring

  • Warning changed for configuration statements that correspond to deviate not-supported nodes in YANG data models (PTX Series and QFX Series)—If you configure a statement corresponding to a YANG data model node that defines the deviate not-supported statement, the Junos OS configuration annotates that statement with the comment Warning: statement ignored: unsupported platform. In earlier releases, the warning is Warning: 'statement' is deprecated.

Routing Protocols

  • Loading of the default configurations in a RIFT package causes the following changes:

    1. Output of the show rift node status command displays the node ID in hexadecimal number even though the node ID is configured in decimal, hexadecimal, or octal number.

    2. Some of the DDoS default configurations change because of the DDoS protection interferes with the RIFT BFD operation.

System Management

  • Support for exclude option under file archive (PTX Series and QFX Series)—The exclude option is added under the command file archive that specifies the file pattern to exclude. This option helps to exclude files that delay compression or files that do not require compression.

    [See file archive.]

User Interface and Configuration

  • Verbose format option for exporting JSON configuration data (PTX Series and QFX Series)—The Junos OS CLI exposes the verbose statement at the edit system export-format json hierarchy level. The default format for exporting configuration data in JSON changed from verbose format to ietf format starting in Junos OS Release 16.1R1. You can explicitly specify the default export format for JSON configuration data by configuring the appropriate statement at the edit system export-format json hierarchy level. Although the verbose statement is exposed in the Junos OS CLI as of the current release, you can configure this statement starting in Junos OS Release 16.1R1.

    [See export-format.]

Known Limitations

There are no known limitations in hardware and software in this release for QFX Series switches..

Open Issues

Learn about open issues in this release for QFX Series switches. For the most complete and latest information about known Junos OS Evolved defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • On Junos OS Evolved platforms when the NDP Neighbor Discovery Protocol (NDP) entries are scaled to 32,000 over IRB in one shot, the NDP process might reach 100% CPU utilization, and unicast nexthops for all the 32,000 entries might not be present. This results in traffic drops for entries for which unicast nexthop is not present. PR1551644

  • In the latest Junos OS Evolved 21.1R1 release, regression script might trigger PTP BC of QFX5220-32CD platform run into freerun state (expected Phasee aligned). The following configuration sequence can potentially trigger the issue: As a key workaround, do not commit seperately and commit only once. PR1604699

    • Configure PTP BC, then commit.

    • Configure the IP address on the interface, then commit.

As a workaround to avoid this happening in the release, perform the following configuration sequence:

  1. Configure PTP BC.

  2. Configure the IP address on the interface.

  3. Commit.

Layer 2 Features

  • It is observed rarely that issuing request system zeroize does not trigger zero-touch provisioning. As a workaround, re-initiate the ZTP. PR1529246

Routing Protocols

  • On QFX5130-32CD and QFX5220 Virtual Chassis or Virtual Chassis fabric, when the mini-PDT-base configuration is issued, the following error message is seen in the hardware: BRCM_NH-,brcm_nh_bdvlan_ucast_uninstall(), 128:l3 nh 6594 unintsall failed. There is no functionality impact because of this error message. PR1407175

Resolved Issues

Learn about the issues fixed in these releases for QFX Series switches.

For the most complete and latest information about known Junos OS Evolved defects, use the Juniper online Junos Problem Report Search application.

Resolved Issues: 20.4R3

There are no resolved issues in this release for QFX Series switches..

Resolved Issues: 20.4R2-S2

General Routing

  • On QFX5130 and QFX5220, object anomalies are seen with PTP TC configuration. PR1577375

  • Routing Engine policing status is updated correctly in the ddos-protection show command outputs. PR1588556

  • Port mirroing instance down with mirrored output as tagged interface. PR1593276

Resolved Issues: 20.4R2

General Routing

  • Utility: Differences in xml tags for show system virtual-memory are seen. PR1438110

  • On QFX5130-32CD, the dscp action configured in firewall filter does not work and does not rewrite the dscp bits. PR1514580

  • Ingress policer scale is limited to 128 due to a known issue in the Junos OS Evolved Release 20.3R1. PR1525525

  • The egress firewall filter might not work as expected on QFX5130 platforms. PR1536550

  • The software rollback might not work correctly on Junos OS Evolved platforms. PR1556641

  • The BGP sessions might intermittently flap if the egress sFlow sampling is enabled at a high sampling rate. PR1571636

Network Management and Monitoring

  • Trace file is not created under SNMP. PR1546784

User Interface and Configuration

  • The Junos OS Evolved operational state would be incorrect on the system and CoS scheduler configuration change might not take effect. PR1536615

Resolved Issues: 20.4R1

DHCP

  • DHCP Relay option-82, option code 53 check failed in jdhcpd trace logs. PR1498978

Interfaces and Chassis

  • Provision control IFL when none is configured for auto neighbor discovery. PR1507347

System Management

  • QFX5220 does not support the following matches, which were supported on QFX5200: first-fragment, tcp-established, Is-fragment, and hop-limit. PR1499009

  • The evo-aftmand process might be stuck at 100% CPU usage in a scaled setup. PR1511597

  • In QFX5130-32CD, when a policer is configured as an action for a loopback filter, it does not take effect. PR1514601

  • On the QFX5130-32CD platform, when the management port speed is configured to 100 Mbps, the port's status LED does not light up. However, the port forwards traffic normally. PR1521510

  • On the QFX5130-32CD platform, the ERSPAN status continues to show status as "Up" even when the destination IP address is unreachable. PR1527505

  • QFX5130-32CD: In LPM and default UFT profile, MAC addresses are learnt more than 32,000 in Routing Engine. PR1528508

  • 160,000 MAC flushing with traffic running, takes close to 35 minutes after clear ethernet-switching table, without traffic flushed in 3-4 minutes. PR1528511

  • On the QFX5130-32CD platform, the CLI option to configure a range of VLANs as the input for the analyzer is not supported in this release. PR1529419

  • The cosd might crash when multiple configuration changes are made in a single commit. PR1536320

  • The protocol LLDP might not be enabled after factory default. PR1536531

  • Egress RACL is not programmed as expected when an ERACL with 1000 terms is attached to more than one interface. PR1536550

  • With port mirror, the evo-pfemand might restart unexpectedly on QFX Series platform running Junos OS Evolved. PR1538626